<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class User extends CI_Controller {

	// form validation message
	public $m_strUser  			= "ชื่อผู้ใช้";
	public $m_strPass 			= "รหัสผ่าน";
	public $m_strPass2 			= "รหัสผ่านอีกครั้ง";
	public $m_strEmail			= "e-mail";
	public $m_strLevel			= "สิทธิ";
	public $m_strRequired		= "กรุณากรอกข้อมูล %s";
	public $m_strMatches		= "ข้อมูลไม่ตรงกัน ";
	public $m_strInsertErrorMsg = "ไม่สามารถเพิ่มผู้ใช้งานได้ : พบผู้ใช้งานซ้ำ";
	public $m_strUpdateErrorMsg = "ไม่สามารถแก้ไขผู้ใช้งานได้ : พบผู้ใช้งานซ้ำ";
	public $m_strValidEmail		= "รูปแบบ e-mail ผิด";
	public $m_strMinLength		= "%s ต้องมีอย่างน้อง %s ตัวอักษร";

	public function __construct()
	{
		session_start();
		parent::__construct();
		$this->load->helper('form');
		
		if ( !isset($_SESSION['username']) 
			 && !isset($_SESSION['user_level']) )
		{
			// echo "session expired.<br/>";
			// echo uri_string();
			// echo "<br/>";
			// echo site_url();
			// echo "<br/>";
			// echo base_url();
			redirect('webadmin', 'refresh');
		}

	}

	public function index()
	{
		if (isset($_SESSION['user_level']) != "admin")
		{
			redirect('welcome', 'refresh');
		}

		$this->load->model("user_model");
		$rs = $this->user_model->db_get_userlist();

		$data["rs"] = $rs;
		$this->load->view("user_list", $data);
	}

	public function add_user()
	{
		if (isset($_SESSION['user_level']) != "admin")
		{
			redirect('welcome', 'refresh');
		}

		$this->load->library('form_validation');

		$frm = $this->form_validation;
		$frm->set_rules('user_id', $this->m_strUser, 'required|trim|max_length[40]'); //*** check database capability
		$frm->set_rules('user_password', $this->m_strPass, 'required|trim|matches[user_password2]|min_length[4]');
		$frm->set_rules('user_password2', $this->m_strPass2, 'required|trim|min_length[4]');
		$frm->set_rules('user_email', $this->m_strEmail, 'required|valid_email|trim');
		$frm->set_rules('user_level', $this->m_strLevel, 'required');

		$frm->set_message("required", $this->m_strRequired);
		$frm->set_message("matches", $this->m_strMatches);
		$frm->set_message("valid_email", $this->m_strValidEmail);
		$frm->set_message("min_length", $this->m_strMinLength);

		if ($frm->run() == FALSE)
		{
			$data["err_msg"] = NULL;
			$this->load->view('add_user', $data);
		}
		else
		{
			//echo "Form success validation";
			$user = $this->input->post("user_id");
			$pass = $this->input->post("user_password");
			$pass2 = $this->input->post("user_password2");
			$email = $this->input->post("user_email");
			$level = $this->input->post("user_level");

			$this->load->model("user_model");
			$res = $this->user_model->db_add_new_user($user, $pass, $email, $level);
			if ($res == TRUE)
			{
				redirect("user", "refresh");
			}
			else
			{
				$data["err_msg"] = $this->m_strInsertErrorMsg;
				$this->load->view('add_user', $data);
			}
		}
	}

	public function update_user($a_userid)
	{
		if (isset($_SESSION['user_level']) != "admin")
		{
			redirect('welcome', 'refresh');
		}

		$this->load->library('form_validation');

		$frm = $this->form_validation;
		$frm->set_rules('user_id', $this->m_strUser, 'required|trim|max_length[40]'); //*** check database capability
		$frm->set_rules('user_password', $this->m_strPass, 'required|trim|matches[user_password2]|min_length[4]');
		$frm->set_rules('user_password2', $this->m_strPass2, 'required|trim|min_length[4]');
		$frm->set_rules('user_email', $this->m_strEmail, 'required|valid_email|trim');
		$frm->set_rules('user_level', $this->m_strLevel, 'required');

		$frm->set_message("required", $this->m_strRequired);
		$frm->set_message("matches", $this->m_strMatches);
		$frm->set_message("valid_email", $this->m_strValidEmail);

		$this->load->model("user_model");
		$row = $this->user_model->db_get_row_from_user($a_userid);

		$data["row"] = $row;
		$data["err_msg"] = NULL;

		if ($frm->run() == FALSE)
		{
			$this->load->view('update_user', $data);
		}
		else
		{
			//Form succeeded validation
			$user = $this->input->post("user_id");
			$pass = $this->input->post("user_password");
			$email = $this->input->post("user_email");
			$level = $this->input->post("user_level");

			$this->load->model("user_model");
			$res = $this->user_model->db_update_user($a_userid, $user, $pass, $email, $level);

			if ($res)
			{
				redirect("user", "refresh");
			}
			else
			{
				$data["err_msg"] = $this->m_strUpdateErrorMsg;
				$this->load->view('update_user', $data);
			}
		}
	}

	public function delete_user()
	{
		if (isset($_SESSION['user_level']) != "admin")
		{
			redirect('welcome', 'refresh');
		}
				
		$chkbox = $this->input->post('mycheckbox');
		if ($chkbox)
		{
			$this->load->model("user_model");
			foreach ($chkbox as $cb)
			{
				$this->user_model->db_delete_user($cb);
			}
		}
		redirect("user", "refresh");
	}	
}
